124.198.132.230

ThreatDown is now the name of the Malwarebytes line of business products. References to Malwarebytes below reflect the amazing technology used to first identify the threat.

Short bio

The IP address 124.198.132.230 was blocked by Malwarebytes because it is associated with a Trojan.

Type of infection

The AsyncRAT Trojan was offered for download as installers for remote clients such as ScreenConnect.

Malicious behavior

Servers at this IP were involved in communications with Windows machines infected with the AsyncRAT Trojan.

Aftermath

If you found traffic tot this IP blocked by Malwarebytes, you should assume your machine is either infected or an attempt to infect it is in progress. It is advisable to run full system scan.

Protection

Malwarebytes blocks the IP address 124.198.132.230 because it is associated with a Trojan.

Malwarebytes blocks 124.198.132.230
Malwarebytes blocks 124.198.132.230

Associated threats